c6fc / warcannon

Related projects: ⓘ

• ARPSyndicate / kenzer
  automated web assets enumeration & scanning [DEPRECATED]
  ☆285Updated last year
• haxrob / commit-stream
  ☆298Updated this week
• vp777 / procrustes
  A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering
  ☆209Updated 3 years ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆330Updated 4 years ago
• projectdiscovery / pd-actions
  ☆207Updated this week
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated last year
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆215Updated 3 months ago
• gfek / Lepus
  Subdomain finder
  ☆360Updated 3 months ago
• ettic-team / dnsbin
  The request.bin of DNS request
  ☆228Updated 6 years ago
• shadow-workers / shadow-workers
  Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious S…
  ☆220Updated 11 months ago
• The-Login / DNS-Reset-Checker
  Tools to assess the DNS security of web applications
  ☆125Updated last year
• SpiderLabs / scavenger
  scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders a…
  ☆329Updated 5 years ago
• VainlyStrain / Vailyn
  A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
  ☆196Updated 2 years ago
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
  ☆247Updated 2 years ago
• epi052 / recon-pipeline
  An automated target reconnaissance pipeline.
  ☆424Updated last year
• pwnfoo / NTLMRecon
  Enumerate information from NTLM authentication enabled web endpoints 🔎
  ☆461Updated 2 months ago
• sansatart / scrapts
  Scrapts Scrapts Scrapts
  ☆232Updated 5 months ago
• Josue87 / AnalyticsRelationships
  Get related domains / subdomains by looking at Google Analytics IDs
  ☆222Updated 2 years ago
• dhn / udon
  A simple tool that helps to find assets/domains based on the Google Analytics ID.
  ☆166Updated 4 months ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆132Updated 3 years ago
• usdAG / cstc
  CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
  ☆212Updated 2 weeks ago
• un4gi / fave
  Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.
  ☆126Updated last year
• firefart / hijagger
  Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration
  ☆284Updated this week
• byt3bl33d3r / WitnessMe
  Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to …
  ☆728Updated 5 months ago
• IAmStoxe / urlgrab
  A golang utility to spider through a website searching for additional links.
  ☆327Updated 3 years ago
• NotSoSecure / cloud-service-enum
  ☆222Updated 2 months ago
• harleo / asnip
  ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
  ☆203Updated 2 years ago
• serain / mailspoof
  Scans SPF and DMARC records for issues that could allow email spoofing.
  ☆122Updated last year
• intrigueio / intrigue-ident
  Application and Service Fingerprinting
  ☆131Updated last year
• prodigysml / Dr.-Watson
  Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…
  ☆213Updated 4 years ago